a35bf232fe94767dc3e61786d4be7743f3652d06a44eae28f3caaa6c897c8c2d

Analysis

max time kernel
135s
max time network
133s
platform
windows7_x64
resource
win7-20241010-en
resource tags

arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
submitted
12/10/2024, 18:24

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3b736358498ff7ab7ca0d74ea4e24dd1_JaffaCakes118.html
Size

53KB
MD5

3b736358498ff7ab7ca0d74ea4e24dd1
SHA1

474a549052950bcbb92066e31069227c649e37e5
SHA256

a35bf232fe94767dc3e61786d4be7743f3652d06a44eae28f3caaa6c897c8c2d
SHA512

836527023a601f20012a2b5f6f3a0bb6bb5d99ed6aba3a477e5b97b7c49da500b0bac59f7aa19c8ddefe9ebe361e60de082f993403cfa1c0516f94838d324c1b
SSDEEP

1536:CkgUiIakTqGivi+PyUzrunlY663Nj+q5VyvR0w2AzTICbb8oX/t9M/dNwIUTDmDB:CkgUiIakTqGivi+PyUzrunlY663Nj+qj

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "434919351"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000004ecf3e4259aa05419b9c0951a15b131900000000020000000000106600000001000020000000f480a358202eaf0a4665eab449390090eab59bcd77872a8286967dc00a3d6b51000000000e80000000020000200000009a0b788f66fde5fab5f9f5604576a4e472794a7b0dd6eb2f51ad1b38ddc86908900000002f4de69db4dd2dea6fa850bfdb9c4b6d10291dfa49e37499c95a5b163df648c2742fe1d67f0b6dd32c8b01190ee56da7b2467b8e592f8aa6d565582a0a9fdcd978c32092cd73f113e17586909d86da1e1bb8170216890026640f24187846764ab30c3a3b59be65dbf0584d98b039abf0b11c067da70c8d67afc8f107cfeebf679204530705df509d03e4baf85cee3ba2400000008837b407e1b32a95304dd81534b5eb95e3f10ab0e55e0695aa9ee1b0c26cf0d201ab017c35d38792d4f2a4f75bd835ed78553351b9d4194f17292903b8e3559d	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 80514016d41cdb01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{3FE5B981-88C7-11EF-BE2D-CA3CF52169FD} = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000004ecf3e4259aa05419b9c0951a15b131900000000020000000000106600000001000020000000338147335cf62134691ddef6a552780ed9d615e7d441746ee000505baeb215cd000000000e8000000002000020000000fbaf2669bff74a8a6a2cf82b2ffb6cd4d34616f3a84d7186b497add0a975b42820000000a606e3fa6aab9c8526339d50c239f4952312785b8aa8ae94e167d9f3e18a3df2400000003d815c37ec1ea9b22b57e7aa44cf617c40444341b2c53ef75fb72f2ab8b62ce9a50b1b5c738f9cd1af32078204ab7de6430b4bb3ac5618320785599dc69fa0da	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2536	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2536	iexplore.exe
2536	iexplore.exe
2740	IEXPLORE.EXE
2740	IEXPLORE.EXE
2740	IEXPLORE.EXE
2740	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2536 wrote to memory of 2740	2536	iexplore.exe	30
PID 2536 wrote to memory of 2740	2536	iexplore.exe	30
PID 2536 wrote to memory of 2740	2536	iexplore.exe	30
PID 2536 wrote to memory of 2740	2536	iexplore.exe	30

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\3b736358498ff7ab7ca0d74ea4e24dd1_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2536
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2536 CREDAT:275457 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2740

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9273f4c3ab3821d6be29832d660f91d7

SHA1
969487054e37c2648f219a1fed94665424afdd35

SHA256
48872b4c6ed333e1b0588c6752bccd3e3aa332d5625e43892eb96918ec8f46e3

SHA512
f0c224c5886203026ceed961908cbedae075695529346442444df030a88b5296c1cd65cef168d76eb4a44b61d83c09806d95d853b32bf67ab983ef3f22ca4ad4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2eb2e335b17ef40853271eadb2a2c03f

SHA1
13758b0f5760965e055ce6852b3b8f277c77ef45

SHA256
a542f50a9a20543c5ca8a83fc79702c0c1194786eed4f2b1794589c40310fa67

SHA512
f78b03120933722d49fe9f7106b36799c0000f110bd11a2fe5526176c762ddf6bd50140844922ab10435cd9b9f7dac5b84a407d392884b9c9c08b821f89d2758

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
952ff86478d5ae68937d0bb92c9d9ec5

SHA1
cd5b3094ac2629fb5f7dc68d9f086e8aab2d7ecf

SHA256
ab68cb2b8c20489d2448b3efbc8e9b69ecc51b595e06e1fe653afb0fb428acc3

SHA512
a6c3bcf96cb4f9f0060e2281c6c391818ad4354484508b714a72f873db98098dee96379c6a84cb39ac4eccd9c6b83f7ea34d9d07e4756c3ca84176a650495295

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6fe10aea49fb1536e13e4218edb232d6

SHA1
7a59f2bf9a90a8882959928b6076e9495d92822d

SHA256
803ff63cb80d8d74c91d24cc40994f6beadc871591178d38b153e3caeaf922d6

SHA512
eafd2b4048ab1a447e5565796b80f9aadd64ff49f5b4b3f09bc0a8a1448330e00ef91c2e5d4e9128eaff0f8bbd2997346f195fdaf6c25b71c4d45081f3efa5d6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0e27e48090379f3135df8e33f7746f09

SHA1
ab89e5eaeb5c42fc847bc3b5d0337b3ff9439ba7

SHA256
0e2eda2a840d27558ce0f1e9328c27e5f9ee6ab2dc6fba876d5931f81dc9039b

SHA512
e3063f0d6db8340bad80ab604e13eb35203ebd6bf6ae2afd98145de395a6c3045ad6ea4f66dc10eff36091dc24bdfaba3cb283bc81132619b8a2c529e1d15936

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a02be6912db9ee4d92b1e247a62dfeea

SHA1
943ab751fa5fb88da812a7b018b71ec51767f170

SHA256
9496b7b805400bcfa5f172cc6e0290e8f128daca8508daa42d32a3aa22ecdb4d

SHA512
075cb5671e81a52d078440a8bb2702b1b7ef43b4dbcd1f2507580e6cc6c15abf490a9e4f2dccbdcd00894b048b18eb6de7bf8ec14623d3e978141ebea1436f57

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
549af6152aa63209278ef70cc6d83bcc

SHA1
77abc5f533042528f451a0e4d0e7912764f77f13

SHA256
139e37624738e82d535ee219c8c121712fb6b75a373afee9aa7c0922d3a32431

SHA512
5506b94ad6757bdf0ac0371bebbdf8898d4ca6c98a07b3d7cf56f51fdb26b10a63e73a5099cd255f0adada79268a249b593029b1f32dbbba14721783369781bc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6ccadce3cacc5040083eedcbcfa87ed7

SHA1
0862c853fa304c0512e9bc7e4e85e4ba59ec3bbb

SHA256
ad9a0b27ed903d80d8865519c5c051ddae959d83c2295e1ccd8325bbf3f3046c

SHA512
df85bcc594e06f099af5e66cf8b6bd69a5fe5dc058ddf6f891a2f42099f2ca902c9aaae450156488f27a979e2d07148539d9dfaa0bf63a20262cff07ad3db86d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
55b7e415e981e6ccdce807641bc81197

SHA1
ef511666f6626cb8258ce7210fc185fde3cc2a57

SHA256
8e36c267b64e23309312ceb7fec7c15371e69c05ec99b86eb827969528f05247

SHA512
443bbbfd713a9c81deaa4692b10d06a5dbde830d98405cb89ca6a052dfc3cdddf9a06b304ef6f1aff2c86890e795233e3cc2e90ab264bbe361291c5fbdb24b24

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d0d2704d97df4e6ef6eaa84a93e0f99a

SHA1
c9b7fcbbbb0e8ccafdd169b6c5f98c81ec43fddb

SHA256
40553065f0464890d8270ae7b946c36cd790c4eda395013b73083891f79b181b

SHA512
a3773d2cc0e135cb275ff53ffa3c441901c56db8ca9f444a8bb1812f7a476b82516db41b7d157b8af1f76d9b63c991140841f5147b9d01c692f68f42056b64d2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5f13f4c3d5a5293399f8c3b2156ceed7

SHA1
aec043444c8571fae1e1fc362366b019559f7c1b

SHA256
96906c21c00aecd2925ce1f772473e4b8abd04a0be340813e370652b263b7696

SHA512
26fa77ec552022bd94f1281d98370a222fb84e4a8b68ecc2ff1b151d63e69ddc02e9dd25b9f2efa6e85bb0decd217ee0d1c19bb29998e573d61b5a35c081c2bc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
44ce5b0bb6bf92e9fb11fb8b96468b46

SHA1
186f52dce8c18760e53bac59be141290f454f1c2

SHA256
c2505974e62058c0d6eecdf651a824332faf056125e989b001470ed030ea2b38

SHA512
048571a847cb3111993726186ee1bc13e6b96c53d55c73a40a88eb51676a69da15c254a66f2f7ccbb3acd44479443838e7af49a1294b132f85f30323d4664684

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8fd5b84bf927e9ff2832155bb9a880b7

SHA1
8562264b2611322eb43853f283220fa1f876b904

SHA256
c28c492b6eb9b1079153a6d8bd8f7404019f25d8914381feb111967c7c116dee

SHA512
bac493cbaee21e1c454ac4f4693c77f72ee94b873c0241373f4b468f01cd051f28ea403cfece035da580e70f2fd34616d75398230b3e31edea5da4ec3c69bdf2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c634668ae3b44ee352ad25ded56b2c73

SHA1
2bd947ad4e3c819cf59e08797ab8768efcb9d89a

SHA256
9530591f0442b560d256c35cb3bfa031113c5ffbf0326e283d83e3cd18298b17

SHA512
f00316baae92c7680344478dd4f04d036e729f32264e9d379903c19c9a7e3d7b57ff800c5d8ce12398c78a8fc1cc17701c7109d35ba9e42a95d9019e9e8987d8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1c9f784e33b917d3dfed5042cfed6e3f

SHA1
8eb072efe39d395618aa921b12e86823c829ea74

SHA256
e3f8abf585a00fb3e6cd967236590e0af899ea94fd511bcb126d6fb8ae09f934

SHA512
0ce2daa26c99e7e2807c84cc722da766290424cb59c1f32f462c5d772407f0f4ac3945af5f72724f7832696539af48101f7fc9992478b66e9543ee8186a30f81

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0ecdc14e4ebd75757f6cf74a2bea4230

SHA1
210217afc5bb8a490a0645b6d619443f56b5fdbc

SHA256
aa73dc644a4187d779239cec80de4ddde66fca4dacd32a18e37ee2b066e1c791

SHA512
115bf3c2032b5f7b9c6ab63ad7c20c6e0ca86f114e5d21c464165a992c7005385e7e3551cd82cf48617803e49374d22fe934a3452ac434896c8e348319bc9345

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DUME8XYE\print[1].htm

Filesize
706B

MD5
67f3a5933c17b3ab044826d3927d0ba9

SHA1
5957076d09bacaa6db8ddc832b4fd87ed8f05f8a

SHA256
97e800f4836b7030dd58fe6296294b7ff5ef1b5eb0e88353f230ea1608d2bb64

SHA512
03ba224055ffdbf32b7eea30c764dc18d66cc6d8707dc5fafab74e155b0bb3d4d691c5788b033a68f05299547297125122778fa7e3252f93e7343d918936643e

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab55C1.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar568F.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit